The almost two week long hack did not involve travel or passport details, the airline said, adding that it had launched an urgent investigation into the theft of customer data.

"The personal and financial details of customers making bookings on our website and app were compromised," it said. "The breach has been resolved and our website is working normally. We have notified the police and relevant authorities."

BA said the breach took place between 2158 GMT on August 21 and 2045 GMT on September 5 and that around 380,000 payment cards were compromised.

BA advised anyone who believed they may have been affected to contact their bank or credit card provider and follow their recommendations.

"I've not heard anything from them on this and I've just had to cancel the card I used. They're a shambles," he told the Daily Telegraph newspaper.

Another BA customer, Stephanie Jowers, said she contacted the airline hours before the hack was announced to query a suspicious charge on her account but was not informed it could have been compromised.

"I asked repeatedly for an explanation. None was given," she told the Daily Telegraph.